CVE-2008-3929 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3929): gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
ampache-3.4.3 is in the tree. Targets: amd64 ppc x86
amd64 stable.
x86 stable
ppc stable
glsa decision, voting YES.
Removed ampache-3.3.3.5. Webapps done.
YES too, request filed.
GLSA 200812-22